►
From YouTube: [SIG-Network] Ingress NGINX meeting 20220119
Description
[SIG-Network] Ingress NGINX meeting 20220119
A
Hello,
everyone.
This
is
James
strong.
This
is
the
Ingress
nginx
sub
project
meeting
for
Sig
networking,
which
means
a
cncf
project,
and
we
are
here
to
the
cncf
code
of
conduct.
If
you
have
any
issues
or
if
there's
a
violation,
please
report
those
to
myself
or
the
Sig
networking
leads
with
that.
Today
is
January
19th
we're
going
to
talk
about
the
160
release
and
actually
do
the
release.
A
So
we
make
sure
that
it's
completed
and
with
that
there
is
one
major
change
that
we
wanted
to
talk
about.
So
I'm
going
to
pull
up
the
release,
notes
and
the
pr
and
we're
going
to
walk
through
the
one,
big
change
and,
while
I'm
doing
that
Ricardo.
Do
you
want
to
give
the
introduction
to
the
160
release
and
talk
about
that.
B
B
Yeah,
so
basically,
we
didn't
made
a
release
since
last
year
and
we
had
a
bunch
of
we
had.
We
had
a
bunch
of
things
to
fix
some
bug
fixes
some
improvements.
Folks
have
been
contributing
later
on
on
the
later
year
and
this
year,
with
with
improvements
from
end-to-end
tests
to
even
some
bug
fixes
on
on
synchronization,
and
we
think
that's
now,
it's
the
time
to
make
the
release
of
1.6
even
to
be
compatible
with
kubernetes
126.
B
But
this
really
is
also
adds
a
breaking
change,
which
is
I'm,
not
sure
if
everyone
knows
but
kubernetes,
when
Ingress
turn
it
into
V1
had
introductor
had
implemented.
What's
called
a
path,
type
that
you
can
say,
if
you
want
a
prefix,
a
a
an
exact
path
or
an
implementation
specific,
but
neither
kubernetes
or
us
never
validated
the
best
type,
and
if
what
what?
What
was
on
the
path,
it's
actually
compatible
with
the
path
type
right
so
per
the
kubernetes
API
comments
and
the
validation
that
should
exist.
B
The
path
type
should
be
compatible.
Sorry,
the
path
when
it's
exact
or
direct
or
prefix
should
be
compatible
with
the
RFC.
That
I
can't
remember
the
number,
but
that's
three
something
that
says
you
should
be
just
using
alphabetical
characters
and
some
special
characters
like
a
percentage
and
other
things
and
kubernetes
say
okay.
B
B
So
that's
on
the
documentation
that
James
it's
putting
on,
because
we
know
that
sometimes
people
may
just
be
using
that
way.
But
as
soon
as
we
want
this
to
be
implemented,
we
decided
to
go
with
this
default
enabled
right.
So
that's
a
the
new
default
behavior
for
a
breaking
change,
which
is
we
are
not
going
to
accept
path,
type
implementation
and
not
implementation.
Specific
with
rejects
is
there
additionally
to
that,
the
subset
that
characters
that
we
are
using?
B
It's
a
it's
smaller
than
even
the
RFC,
because
of
mainly
security
reasons
right
as
you've
followed
us
on
on
the
past,
we've
been
trying
to
close
some
common
injections
and
some
configurations
injections
on
Ingress,
but
we
understand
that
some
cases
may
be
may
need
some
special
characters.
So
that's
why
there
is
another
configuration
on
the
config
map
that
may
allow
the
admin
to
say:
okay,
I
trust,
my
users
on
this
cluster
and
I
know
that
they
can
use
whatever
random
weird
character.
They
want
to
use
on
their
path.
B
I
think
that's
mostly
out.
This
is
going
to
be
our
first
automated
release.
Thank
you,
James.
So
I
think
this
is
actually
a
huge
gain
for
us
because
releasing
English
engine
X
is
it's
just
a
real
pain.
It's
and
we've
been
trying
actually
to
automate
this
more
and
more
so.
We've
been
even
with
kubernetes
in
front
Sig
to
be
able
to
push
our
own
images
directly
to
station,
and
so
the
only
manual
step
is
going
to
be
the
promotion
of
the
image
to
production.
B
A
A
And
that's
adhering
to
the
to
the
kubernetes
API
that
we're
just
we
haven't
been
doing
the
validation
so
now
we're
enforcing
the
validation
of
what's
being
asked
to
us
on
the
apis,
yeah,
just
making
sure
that
I
understand
it
so
that
we
we've
clearly
enunciated
that,
because
I
know
that
they
can
be
when
I
was
reading
through
it.
It
was
confusing
to
say
the
least,
so
I
just
want
to
make
sure
that
we're
putting
it
out
there
very
clearly
of
what
folks
have
to
do
from
a
mitigation
perspective.
B
A
No,
it's
always
good.
That's
why
I
want
to
make
sure
that
everybody
read
through
the
release,
notes
and
the
change
log
as
we
were
getting
this
160
release
out
there
and
if
there
are
additional
characters
that
you're,
using
also
you
can
update
it
as
well
so
again
trying
to
make
it
secure,
while
still
flexible
from
a
user's
perspective.
Those
two
are
very
difficult,
with
the
amount
of
things
that
we
allow
folks
to
do,
and
what
nginx
or
the
Ingress
proxy
has
to
be
able
to
do
so
the
difficult
about.
A
So
thank
you
for
putting
that
out
there
Ricardo
and
then
I
think
just
from
a
release
perspective
a
missing
space.
Okay,
so
we've
we
forego
doing
the
normal
triage
process
that
we're
going
to
do
so.
We
want
to
get
160
out
there,
so
folks
can
see
that
it's
available
and
make
sure
that
we've
done
the
recording
so
working
through.
That
I
will,
of
course,
fix
all
of
the
next
nitpicks
that
you
have
Ricardo
any
other
questions
or
concerns
from
the
release
notes
perspective.
A
D
B
A
A
That's
a
new
one
too.
We
wanna,
okay,
yeah
the
requirements
for
the
chart,
that's
fair
and
then
bumping
the
chart
as
well
yep,
because
we
want
to
make
sure
that
folks
aren't
doing
an
automatic
rollout
like
we
saw
wika
152
so
that
we
can
get
that
updated
as
well,
and
then
yeah
we've
moved
all
of
the
change
logs
into
their
individual
folders
with
individual
notes.
A
So
you
can
see
that
the
changelog
is
now
in
a
different
directory
and
each
changelog
will
have
updated
notes
so
that
we
help
facilitate
the
automation
of
the
releases.
So
I
want
to
make
sure
that
folks
saw
that
that
the
change
logs
are
now
in
a
different
directory
than
what
they
would
expect
them
to
be
in.
D
C
D
A
A
No
to
the
trading
videos,
because
that
would
require
more
time
yeah
we
do.
We
do
release
it
for,
like
the
V1
beta,
1
change,
we
did
send
out
a
release,
note
and
an
email
to
the
kubernetes
dev
mailing
list.
We
drop
it
into
the
user,
slack
Channel
for
every
release.
We
do
that
for
the
huge
breaking
changes
we
do
send
out
emails
to
the
kubernetes
dev
mailing
list,
which
we
published
should
for
the
160
release
and
then
usually
I,
just
tweet
it
out
and
do
a
GitHub
release.
A
So,
okay,
beyond
that,
there's
not
really
much
more
marketing.
I
haven't
followed
up
with
Ricardo.
There
is
an
Ingress
nginx
Twitter
handle,
but
we
need
to
get
access
to
that.
That's
the
only
other
piece
that
we
can
probably
start
putting
release
notes
and
like
anticipating
changes
and
things
like
that
out
to
that
Twitter
handle
other
than
that.
That's
really
all
we
do
from
announcing
that
there's
a
release.
A
So
yeah
that
would
probably
be
helpful
once
we
have
like
the
the
updates
for
the
other
ones
like
we
talked
about,
the
160
might
be
a
little
late
for
that
one,
and
it
might
still
be
helpful
if
you
can
get
it
put
out
in
like
the
next
couple
of
weeks,
but
when
we
have
the
170
like
removing
pod
security
policies,
all
the
stuff
that
Ricardo
previously
talked
about
and
when
we
get
to
V2
with
doing
the
control
plan,
data
plane
split.
That
might
be
helpful
as
well.
To
have
some
videos
out
there.
D
C
A
A
A
A
A
You
might
want
to
get
the
Mage
stuff
merged
so
that
I
don't
have
to
do
a
bunch
of
get
hackery
Ricardo.
Do
you
wanna
you
wanna,
look
at
that
I
think
it's
I
think
I've
updated
everything.
The
big
thing
was
the
boilerplate
changes
was
to
get
that
released
because
that
was
that
was
a
requirement
for
that.
A
A
A
A
D
A
A
A
A
A
A
Okay,
so
that's
my
action
item.
One
of
the
other
things
I
wanted
to
talk
about
this
kind
of
like
a
meeting
framework
perspective.
Is
that
we're
good
at
assigning
action
items
but
not
following
up
on
those
action
items
so
I
once
wanted
to
add
a
part
of
the
meeting
is
that
we
just
we
put
in
some
time
to
follow
up
on
the
action
items
from
the
previous
meeting.
A
A
A
How
does
everyone
feel
about
that?
One
as
well
closing
out
that
project
and
moving
to
this
project
that
gets
automatically
added?
So
you
see
we
have
40
issues,
so
we
automatically
add
issues
now
as
people
open
up
issue
requests
and
PRS,
they
automatically
get
added
to
this
project
via
GitHub
actions.
So
we
can
start
using
this
project
to
track
work
and
work
through
everything
that
we've
been
working
on.
So
adding
the
leftover
four
or
five
tasks
from
the
stabilization
project
to
this
project
board
and
then
working
through
this
one.
A
That's
my
my
bad
on
that
the
holiday,
the
middle
of
the
holiday
break,
just
testing
it
out,
but
yeah,
creating
some
new
views
like
open,
PRS,
maintainers,
the
maintainer
is
assigned
to
work,
and
things
like
that.
I
do
want
to
I
want
to
play
around
with
the
labels
and
the
swim
lanes,
and
things
like
that,
and
just
but
just
getting
us
into
the
rhythm
of
using
this
board
to
track
work
and
making
sure
things
are
labeled
properly.
A
B
B
Yeah
I
I
I
want
it,
but
I'm
not
sure
we
are
gonna
have
Simon
and
I
think
that
those
can
be
actually
breaking
changes
future
breaking
changes,
because,
to
be
honest,
it
took
me
too
too
much
long
to
finish
all
of
the
control
plane,
data
plane
split,
so
I
don't
want
to
add
that
one
specifically
as
well
to
our
bucket
of
changes
and
then
get
get
people
mad
at
us.
Like
hey,
you
broke
a
lot
of
things
at
owns.
A
Before
we
do
the
removal
right
so
we've
got
the
open,
Telemetry
piece
in
there.
We
probably
should
have
a
migration
dot
so
like
if
you're,
using
Zipkin,
Jaeger
or
those
pieces
have
folks,
you
know,
have
a
migration
path
to
using
the
open,
Telemetry
and
then
do
the
removal
so
in
a
couple
step
process
so
yeah.
A
So
when
we
do
do
the
removal
again,
I
want
to
make
sure
that
we've
done
ample
communication,
that
when
we
do
the
the
breaking
changes
folks
have
known
about
it,
they
have
a
migration
path
forward
and
then
we
do
the
change.
So
that's
good
long,
do
you
know
I,
don't
think
we
had
a
separate
ticket
open
for
that
item
to
do
that.
Removal.
D
A
A
C
Ricardo
it's
important,
but
the
low
priority
bug
kind
of
got
reported,
they're,
saying
that
if
somebody
is
using
external
name
as
the
Ingress
backend
and
and
they
and
they
have
a
TLS
thing
going
on
there,
so
they're
saying
that
if
it
is
a
CH
rooted
image,
then
because
the
ETC
SSL
third
path
is
not
available
for
the
CH
rotate
image.
Then,
if
somebody
does
want
to
use
the
default
cert
against
the
proxied
destination,
then
it's
not
going
then
CH
rooted
image
has
a
caveat
there.
The
ch320
image
can't
do
that.
B
Yeah
I
I
need
to
check
this
because
this
external
DNS
stuff
and
all
of
this
seeing
would
be
probably
how
to
figure
out
how
how
the
balancer
actually
deals
with
that
so
I
would
I
would
say
that
yeah
I,
don't
know
long.
I
I
need
to
take
a
look
into
that
as
well
from
the
top
of
my
head
I
that
the
third
pieces
of
the
code
that
I
have
never
touched
it
so
I,
don't
know
how
this
can
be
I.
A
C
It's
not
a
small
use
case
and
I
think
the
problem
we
have
is
that
we
did
support
it.
We
have
annotations
and
config
map
documentation
that
people
who
want
to
do
that
can
do
that.
So
I
I
was
talking
to
this
guy
on
the
on
the
issue
I'm
telling
him.
Why
would
he
want
to
do
that?
He
said
he
just
wants
those
applications
available
on
a
host
name
of
their
choice.
It
doesn't
want
to
and
of
the
redirection
to
clients.
C
C
So
he's
saying
he's
a
pro
he's,
probably
the
only
person
asking
for
it
right
now,
but
so
it's
low
priority,
but
it
kind
of
popped
up,
because
it's
important
in
the
sense
that
we
have
a
feature
and
just
because
of
CH
root,
so
not
important
but
Ricardo,
because
you're
talking
about
streaming
changing
the
implementation
to
engineering.
Extreme
I
was
wondering
if
it
matters
there
or
proxy
is
a
different
code
path
and
streaming
is
a
different
code.
It's.
C
A
A
That's
where
we're
at
I
vote
that
we
use
the
rest
of
the
half
hour
to
clean
up
the
release
process
and
go
from
there
and
then
I'll
put
out
we'll
probably
should
I'll
open
up
a
a
Google
Drive
doc.
If
we
want
Ricardo,
do
you
think
we
should
also
put
out
the
email
and
the
email
to
the
kubernetes
dev
mailing
list
outlining
what
we've
just
talked
about
and
when
we
have
the
reporting
put
the
reporting
in
there
yeah.
A
I'll
do
that
now,
while
we're
talking
and
then
I'll
just
I'll
copy
and
paste,
what's
in
the
release,
notes
and
then
we'll
go
from
there
and
I
think
that's
I
think
that's
a
pretty
high,
not
high
bar
I,
think
that's
us
doing
our
diligence
making
sure
everyone's
aware
of
the
changes
and
I'll
get
the
release
out
today,
and
it
was.
It
was
the
fact
that
it
was
a
Friday
release
on
a
holiday
weekend
before
the
new
year.
Definitely
don't
do
that.
A
I
have
no
issues
doing
Friday
releases,
but
it
was
the
Friday
release
with
a
breaking
change
in
front
of
the
holiday
but
yeah
with
that
I'll
go
ahead
and
I'll
I'll
close
out
the
recording
and
then
we
can
work
through.
We
can
work
through
the
rest
of
the
things
with
the
time
that's
available,
foreign.